Contact UsGet started
© 2025 Direct Cursus Technology L.L.C.

Conditions

Written by
Updated at January 27, 2025

Note

The IP lists feature is at the Preview stage.

You can set the following rule conditions:

Type

Match options

Values

Example

Logical operator

IP
  • Matches or falls within the range
  • Mismatches or lies outside the range
  • IP belongs to the region
  • IP does not belong to the region
  • IP belongs to the list
  • IP does not belong to the list
  • IP address
  • CIDR
  • Address range
  • Two-letter country code as per ISO 3166-1 alpha-2
  • Name of the preset or custom address list
  • 1.2.33.44
  • 2001:0db8:85a3:0000:0000:8a2e:0370:7334
  • 10::1234:1abc:1/64
  • 1.2.0.0-1.2.1.1
  • ru
  • kz

or

HTTP header
  • Matches
  • Mismatches
  • Starts with
  • Does not start with
  • Matches regular expression
  • Does not match regular expression

Format: key: value, where key is an HTTP header,
value is a specific header value, value
prefix, or regular expression of
PIRE library
  • User-Agent: curl/7.55.1

and

Request URI
  • Matches
  • Mismatches
  • Starts with
  • Does not start with
  • Matches regular expression
  • Does not match regular expression

Request path, initial part of the request path, or regular
expression of the PIRE library
  • /

N/A

Query Match
  • Matches
  • Mismatches
  • Starts with
  • Does not start with
  • Matches regular expression
  • Does not match regular expression

key: value format, where key is a request parameter,
value is a specific parameter value,
value prefix, or regular expression of the
PIRE library

  • a: 1
  • A: 2

and

Host
  • Matches
  • Mismatches
  • Starts with
  • Does not start with
  • Matches regular expression
  • Does not match regular expression

Values of the Host header for HTTP/1.1 or
the authority pseudoheader for HTTP/2 used to
select a virtual host, value prefix, or
regular expression of the PIRE library
  • example.com

or

HTTP method
  • Matches
  • Mismatches
  • Starts with
  • Does not start with
  • Matches regular expression
  • Does not match regular expression

HTTP request method in uppercase.
You may use a random value, value prefix,
or regular expression of the PIRE library
  • GET
  • POST
  • DELETE

or

Cookie
  • Matches
  • Mismatches
  • Starts with
  • Does not start with
  • Matches regular expression
  • Does not match regular expression

key: value format, where key is a cookie header,
and value is a specific cookie value, value prefix,
or regular expression of the PIRE library
  • csrftoken=u32t4o3tb

and

HTTP body
  • Matches
  • Mismatches
  • Starts with
  • Does not start with
  • Matches regular expression
  • Does not match regular expression

String in the HTTP packet body or
regular expression of the PIRE library
  • <br><input type='submit'>

or

Regular expression format

You can use regular expressions in such conditions as HTTP header, Request URI, Query Match, Host, HTTP method, Cookie, or HTTP body. These conditions support the match types Matches regular expression and Does not match regular expression.

Regular expression operators

  • Quantifiers. These set the allowed number of element repetitions.

    • *: Zero or more occurrences of any characters. a*: Zero or more occurrences of the a character. a*b: Any occurrence of a before b.

      For example, a* means an empty string, a, aa, aaa, etc.

    • a+: One or more occurrences of a.

      For example, a+: a, aa, aaa, etc.

    • a?: Zero or one occurrence of a.

      For example, https?:// means http:// and https://.

    • {n}: n occurrences. For example, a{3}: aaa.

    • {n,m}: From n through m occurrences. For example, a{3,5}: aaa, aaaa, and aaaaa.

    • {n,}: At least n occurrences. For example, a{3,}: aaa, aaaa, aaaaa, etc.

  • Characters and operations.

    • .: Any single character, but for line break one.

      For example, a.b means aab and acb, but not ab.

    • [abc]: One of the characters between the square brackets.

      For example, [abc] means a, b, and c.

    • [^abc]: Any character, but for those between the square brackets.

      For example, [^abc] means any character other than a, b, or c.

    • [a-z]: Any character from a through z.

      For example, [a-z] means any lowercase letter from a through z.

    • a|b: Mutually exclusive options, either a or b.

      For example, example|domain means either example or domain.

    • \\w: Any letter.

    • \\W: Non-letter (digit, underscore, punctuation marks, space, etc).

    • \\d: Digit. \\D: Non-digit.

    • \\s: Space. \\S: Non-space.

Note

To use a character not as a regular expression operator or special character, escape it with \. For example, you need to escape such characters as . + * [ ] ( ) { } ^ $ ?.

Case in regular expressions

  • Case sensitive. Enter a regular expression in required case.

    For example, exaMple will represent the exaMple string.

  • Case insensitive. Add (?i) to the beginning of the expression.

    For example, (?i)example will represent strings like example, EXaMple, EXAMPLE, etc.

Examples of regular expressions

  • ^User-Agent:\s*$: Block requests with empty or space-only User-Agent header value.

    In this expression, ^ is the beginning of the string, \s* is zero or more spaces, and $ is the end of the string.

  • \\[\'\"\.\;]: Block requests containing \ before a suspicious character (backslash injections).

    In this expression, \\ is backslash, and [\'\"\.\;] is any character from between the square brackets.

  • a{100,}: Block requests containing unusually long sequences of identical characters, as this may be a sign of a DDoS attack.

    In this expression, a{100,} stands for 100 or more a in a row.

  • --.*: Block requests containing comments in SQL queries, as this may be a sign of an SQL injection.

    In this expression, -- is the beginning of an SQL comment, and .* is zero or more of any characters.

Previous
Rules
Next
Lists